A file that contains important information and error messages that are generated during database operations.
To verify the identity of a user, device, or other entity in a computer system, often as a prerequisite for allowing access to resources in a system.
Permission given to a user, program, or process to access an object or set of objects. In Oracle Database, authorization is done through the role mechanism. A single person or a group of people can be granted a role or a group of roles. A role, in turn, can be granted other roles.
A representative copy of data. This copy includes important parts of your database such as control files, redo log files, and data files.
A backup is a safeguard against unexpected data loss; if you lose your original data, then you can use the backup to make the data available again. A backup is also a safeguard against an application error; if an application makes incorrect changes, then you can restore the backup.
A certificate authority (CA) is a trusted third party that certifies the identity of other entities such as users, databases, administrators, clients, and servers. The certificate authority verifies the user's identity and grants a certificate, signing it with one of the certificate authority's private keys.
Microsoft's Component Object Model is an object-oriented programming architecture and a set of operating system services. These services notify running application components of significant events and ensure that they are authorized to run. COM is intended to make it relatively easy to create business applications that work well with Microsoft Transaction Server.
VSS snapshots of Oracle database components. Examples of components include tablespaces or archived redo logs.
A specially formatted description of the destination for a network connection. A connect descriptor contains destination services and network route information. The destination service is indicated by using its service name for Oracle9i or Oracle8i databases or its Oracle system identifier for Oracle8 Release 8.0 databases. The network route provides, at a minimum, the location of the listener through use of a network address.
A net service name or service name, that maps to a connect descriptor. Users initiate a connect request by passing a username and password along with a connect identifier in a connect string for the services to which they want to connect, for example:
CONNECT username/password@connect_identifier
See net service name.
Files that record the physical structure of a database and contain the database name, the names and locations of associated databases and online redo log files, the time stamp of the database creation, the current log sequence number, and checkpoint information.
A username, password, or certificate used to gain access to the database.
See net service name.
Process of converting contents of a message that has gone through encryption (ciphertext) back into its original readable format (plaintext).
ITU X.509 v3 standard data structures that securely bind an identity to a public key. A certificate is created when an entity's public key is signed by a trusted identity, a certificate authority. The certificate ensures that the entity's information is correct and that the public key actually belongs to that entity.
Digital signatures are created when a public key algorithm is used to sign messages with senders' private keys. A digital signature assures that a document is authentic, has not been forged by another entity, has not been altered, and cannot be repudiated by the sender.
See dynamic link library.
Process of disguising a message, rendering it unreadable to any but the intended recipient.
Directory constructs consisting of Oracle Database and enterprise users and roles.
A directory structure which contains global roles on multiple databases, and which can be granted to an enterprise user.
A user that has a unique identity across an enterprise. An enterprise user connects to individual databases through a schema and is assigned an enterprise role that determines the user's access privileges on databases.
Functions written in a third-generation language (C, for example) and callable from within PL/SQL or SQL as if they were PL/SQL functions or procedures.
Roles created and managed by Windows operating systems. Once an external role is created, you can grant or revoke that role to a database user. You must set init.ora parameter OS_ROLES
to true
and restart Oracle Database before you can create an external role. You cannot use both Windows operating systems and Oracle Database to grant roles concurrently.
A function written in a third-generation language (3GL), such as C, and callable from within PL/SQL or SQL as if it were a PL/SQL function or procedure.
A user authenticated by the Windows operating system who can access Oracle Database without being prompted for a password. External users are typically regular database users (non-database administrators) to which you assign standard database roles (such as DBA
), but do not want to assign SYSDBA (database administrator) or SYSOPER (database operator) privilege.
The Windows operating system can authenticate a user, who can then access Oracle Database without being prompted for a password. External users are typically regular database users (non-database administrators) to whom you assign standard database roles (such as DBA
), but do not want to assign the SYSDBA (database administrator) or SYSOPER (database operator) privilege.
A role whose privileges are contained within a single database, but which is managed in a directory.
The Oracle Database architecture that ensures that database utilities, error messages, sort order, date, time, monetary, numeric, and calendar conventions automatically adapt to the native language and locale.
Represents the name of an Oracle home. In Oracle Database 12c Release 1 (12.1), all Oracle homes have a unique HOMENAME.
An ASCII text file that contains information needed to initialize a database and instance.
Every running Oracle Database is associated with an Oracle Database or Oracle Automatic Storage Management instance. When a database is started on a database server (regardless of the type of computer), Oracle Database allocates a memory area called the System Global Area and starts one or more Oracle Database processes. This combination of the System Global Area and Oracle Database processes is called an instance. The memory and processes of an instance manage the associated database's data efficiently and serve the users of the database.
A simple, low-level serialization mechanism to protect shared data structures in the System Global Area.
Lightweight Directory Access Protocol (LDAP)
A standard, extensible directory access protocol. It is a common language that LDAP clients and servers use to communicate. LDAP is a framework of design conventions supporting industry-standard directory products, such as Oracle Internet Directory.
The Oracle Database server process that listens for and accepts incoming connection requests from client applications. The listener process starts Oracle Database processes to handle subsequent communications with the client; then it goes back to listening for new connection requests.
A configuration file that describes one or more Transparent Network Substrate (TNS) listeners on a server.
See Windows local groups.
Roles created and managed by the database. Once a local role is created, you can grant or revoke that role to a database user. You cannot use Windows (for external role management) and Oracle Database (for local role management) concurrently.
An application that serves as a host for administrative tools called snap-ins. By itself, Microsoft Management Console does not provide any functionality.
A transaction processing system based on COM that runs on an Internet or network server.
To upgrade or downgrade an Oracle Database or convert the data in a non-Oracle database into an Oracle Database.
To associate a database with an instance that has been started.
The name used by clients to identify an Oracle Net server and the specific system identifier or database for the Oracle Net connection. A net service name is mapped to a port number and protocol. Also known as a connect string, database alias, host string, or service name.
This also identifies the specific system identifier or database to which the connection is attaching, not just the Oracle Net server.
A listener on a server that listens for connection requests for one or more databases on one or more protocols. See listener.
In an Oracle application network, a service performs tasks for its service consumers. For example, a Names Server provides name resolution services for clients.
Protected by a process often used by companies for intellectual property written in the form of Java programs. The obfuscation process mixes up Java symbols found in the code. It leaves the original program structure intact, allowing the program to run correctly, while changing the names of the classes, methods, and variables to hide the intended behavior. Although it is possible to decompile and read non-obfuscated Java code, obfuscated Java code is sufficiently difficult to decompile to satisfy U.S. government export controls.
A set of file naming and placement guidelines for Oracle Database software and databases.
ORACLE_BASE is the root of the Oracle Database directory tree. If you install an OFA-compliant database using Oracle Universal Installer defaults, then ORACLE_BASE is X:\app\username\product\12.1.0
where X
is any hard drive.
An application programming interface that enables you to manipulate data and schema in an Oracle Database. You compile and link an Oracle Call Interface application in the same way that you compile and link a non-database application. There is no need for a separate preprocessing or precompilation step.
Corresponds to the environment in which Oracle Database products run. This environment includes the location of installed product files, the PATH variable pointing to the binary files of installed products, registry entries, net service names, and program groups.
If you install an OFA-compliant database, using Oracle Universal Installer defaults, then Oracle home (known as ORACLE_HOME in this guide) is located beneath ORACLE_BASE. It contains subdirectories for Oracle Database software executables and network files.
Starting with Oracle Database 12c Release 1 (12.1), a new Windows utility called the Oracle Home User Control has been introduced. This is a command-line tool that displays the Oracle Home User name associated with the current Oracle Home or helps to update the password of an Oracle Home User. This tool accepts the new password at the tool's prompt for password entry and validates it against the password of the operating system. The tool terminates if password validation fails. Moreover, the user starting the orahomeuserctl
command, must have administrator privileges.
An Oracle Database-based LDAP V3 directory server, used for centralizing database user, Oracle Net network connector, and database listener parameters.
A component of Oracle Net Services that enables a network session from a client application to an Oracle Database server. Once a network session is established, Oracle Net acts as a data courier for the client application and the database server. It is responsible for establishing and maintaining the connection between the client application and database server, and exchanging messages between them. Oracle Net can perform these jobs because it is located on each computer in the network.
A suite of networking components that provide enterprise-wide connectivity solutions in distributed, heterogeneous computing environments. Oracle Net Services are comprised of Oracle Net, listener, Oracle Connection Manager, Oracle Net Configuration Assistant, and Oracle Net Manager.
Oracle Advanced Security includes Oracle PKI (public key infrastructure) integration for authentication and single sign-on. Oracle-based applications are integrated with the PKI authentication and encryption framework, using Oracle Wallet Manager.
A product that maps the functions of a given network protocol into Oracle Transparent Network Substrate (TNS) architecture. This process translates TNS function calls into requests to the underlying network protocol. This allows TNS to act as an interface among all protocols. Oracle Net requires Oracle Protocol Support.
Windows services that are associated with particular Oracle Database components.
A service on Windows systems that acts as coordinator between an Oracle database instance and other VSS components, enabling data providers to create a shadow copy of files managed by the Oracle instance. For example, the Oracle VSS writer can place data files in hot backup mode to provide a recoverable copy of these data files in a shadow copy set.
Procedural language extension to SQL that is part of Oracle Database.
PL/SQL enables you to mix SQL statements with procedural constructs. You can define and run PL/SQL program units such as procedures, functions, and packages.
A programming tool that enables you to embed SQL statements in a high-level source program.
In public key cryptography, these are the secret keys. They are used primarily for decryption but also for encryption with a digital signature.
A mechanism in an operating system that can run an executable. (Some operating systems use the terms job or task.) A process usually has its own private memory area in which it runs. On Windows a process is created when an application runs (such as Oracle Database or Microsoft Word). In addition to an executable program, all processes consist of at least one thread. The Oracle Database master process contains hundreds of threads.
Software or hardware that creates shadow copies on demand. Typically, a provider is a disk storage system. In response to a request from a requester, a provider responds to VSS COM messages to create and maintain shadow copies.
In public key cryptography, this key is made public to all. It is primarily used for encryption but can also be used for verifying signatures.
Public key cryptography involves information encryption and decryption using a shared public key paired with private keys. Provides for secure, private communications within a public network.
A limit on a resource, such as a limit on the amount of database storage used by a database user. A database administrator can set tablespace quotas for each Oracle Database username.
Portions of a physical disk that are accessed at the lowest possible disk (block) level.
To restore a physical backup is to reconstruct it and make it available to the Oracle Database server. To recover a restored backup is to update it using redo records (that is, records of changes made to the database after the backup was taken). Recovering a backup involves two distinct operations: rolling forward the backup to a more current time by applying redo data, and rolling back all changes made in uncommitted transactions to their original state.
A circular buffer in the System Global Area that contains information about changes made to the database.
Files that contain a record of all changes made to data in the database buffer cache. If an instance failure occurs, then the redo log files are used to recover the modified data that was in memory.
An application that uses the VSS API to create shadow copies. Requester applications communicate with VSS writers to gather information about the system and to signal writers to prepare data for backup. The requester maintain control over VSS backup and restore operations by generating COM events through calls in the VSS API.
The process of copying and maintaining database objects in multiple databases that comprise a distributed database system.
A named collection of objects, such as tables, views, clusters, procedures, and packages, associated with one or more particular users.
Executable processes installed in the Windows registry and administered by Windows. Once services are created and started, they can run even when no user is logged on to the computer.
See net service name.
See System Global Area.
A server configuration which allows many user processes to share very few server processes. The user processes connect to a dispatcher background process, which routes client requests to the next available shared server process.
See system identifier.
Administrative tools that run within Microsoft Management Console.
(1) Information stored in rollback segments provide transaction recovery and read consistency. Use Rollback segment information to re-create a snapshot of a row before an update.
(2) A point-in-time copy of a master table located on a remote site. Read-only snapshots can be queried, but not updated. Updateable snapshots can be queried and updated. They are periodically refreshed to reflect changes made to the master table, and at the snapshot site.
A special database administration role that contains all system privileges with the ADMIN
OPTN
, and the SYSOPER system privilege. SYSDBA
also permits CREATE DATABASE
actions and time-based recovery.
A special database administration role that permits a database administrator to perform STARTUP
, SHUTDOWN
, ALTER
DATABASE
OPEN/MOUNT
, ALTER
DATABASE
BACKUP
, ARCHIVE
LOG
, and RECOVER
, and includes the RESTRICTED
SESSN
privilege.
A group of shared memory structures that contain data and control information for an Oracle Database instance.
A unique name for an Oracle Database instance. To switch between instances of Oracle Database, users must specify the desired system identifier. The system identifier is included in the CONNECT
DATA
parts of the connect descriptors in a tnsnames.ora file, and in the definition of the network listener in a tnsnames.ora file.
One of two standard database administrator user names automatically created with each database. (The other user name is SYS
.). The SYSTEM
user name is the preferred user name for database administrators to use for database maintenance.
A database is divided into one or more logical storage units called tablespaces. Tablespaces are divided into logical units of storage called segments, which are further divided into extents.
An individual path of execution within a process. Threads are objects within a process that run program instructions. Threads allow concurrent operations within a process so that a process can run different parts of its program simultaneously on different processors. A thread is the most fundamental component that can be scheduled on Windows.
A file that contains connect descriptors mapped to net service names. The file can be maintained centrally or locally, for use by all or individual clients.
Each server and background process can write to an associated trace file. When a process detects an internal error, it dumps information about the error to its trace file. Some information written to a trace file is intended for the database administrator, while other information is intended for Oracle Support Services. Trace file information is also used to tune applications and instances.
Trust points or trusted certificates are third party identities that are qualified with a level of trust. A trusted certificate is used when an identity is being validated as the entity it claims to be. Certificate authorities you trust are called trusted certificates. If there are several levels of trusted certificates, a trusted certificate at a lower level in the certificate chain does not have all its higher level certificates reverified.
Universal groups are available in Windows. They can contain other groups, including other universal groups, local groups, and global groups.
A selective presentation of the structure and data of one or more tables. Views can also be based on other views.
Volume Shadow Copy Service (VSS)
An infrastructure on Windows server platforms that enables requesters, writers and providers to participate in creation of consistent snapshots called Shadow Copies. The VSS service uses well-defined COM interfaces.
Groups that can be granted permissions and rights in their own domain, member servers and workstations of their domain, and in trusted domains. They can also become members of Windows local groups in all these places. But global groups can contain user accounts only from their own domains.
Groups that can be granted permissions and rights only for its own computer or, if part of a domain, to the domain controllers of that domain. Local groups can, however, contain user accounts and Windows global groups from both their own domain and from trusted domains